A group of Hungarian security researchers from CrySyS Lab and Ukatemi has now revealed that the NSA dump doesn't just contain zero-day exploits used to take control of targeted systems, but also includes a collection of scripts and scanning tools the agency uses to track the operations of hackers from other countries.

According to a report published today by the Intercept, NSA's specialized team known as Territorial Dispute (TeDi) developed some scripts and scanning tools that help the agency to detect other nation-state hackers on the targeted machines it infects.

NSA hackers used these tools to scan targeted systems for 'indicators of compromise' (IoC) in order to protect their own operations from exposure, as well as to find out what foreign threat actors are stealing and which hacking techniques they are using.

"When the NSA hacks machines in Iran, Russia, China and elsewhere, its operators want to know if foreign spies are in the same machines because these hackers can steal NSA tools or spy on NSA activity in the machines," the publication reports.

"If the other hackers are noisy and reckless, they can also cause the NSA's own operations to get exposed. So based on who else is on a machine, the NSA might decide to withdraw or proceed with extra caution."

NSA's Territorial Dispute team maintains a database of digital signatures, like fingerprints for files and snippets from various hacking groups, to track APT operations for attribution.

According to the researchers, when the Shadow Brokers managed to hack the NSA networks and steal a collection of sensitive files in 2013, the agency was tracking at least 45 different state-sponsored APT groups.

It also appears that the NSA hackers were tracking some of the tools from Dark Hotel in 2011, about 3 years before the wider security community discovered the hacking group.

Dark Hotel is a sophisticated cyber espionage group believed to be from South Korea, well known for targeting hotel Wi-Fi networks to spy on senior-level executives at organisations in manufacturing, defense, investment capital, private equity, automotive and other industries.

The group of researchers plans to release its findings on the NSA scripts and scanning tools this week at the Kaspersky Security Summit in Cancun, which would help other researchers to dig through the data and identify more of the APT groups the NSA is hunting.

"The team also hopes the information will help the community classify some malware samples and signatures that have previously been uncovered by the security community but remain unattributed to a specific threat group because researchers don’t know to which advanced hacking group they belong," the Intercept says.

Cryptography and System Security (CrySyS Lab) is best known for uncovering an Israeli spying tool called Duqu in 2011, which was believed to be developed by the same Israeli hackers who, with U.S. help, developed the infamous Stuxnet malware to sabotage the Iranian nuclear program.

The Shadow Brokers is the hacker group believed to be behind the high-profile cyber theft of NSA hacking tools and exploits, which sparked a larger debate on the Internet concerning the abilities of US intelligence agencies and their own security.

The group put the stolen cyber weapons up for auction but received little response and went quiet for some time.

However, The Shadow Brokers now appears to have put up the NSA's hacking tools and exploits for direct sale on an underground website.

A newly uncovered site reportedly contains a file signed with the cryptographic key of The Shadow Brokers, suggesting the hacker group has now moved to sell NSA hacking tools directly to buyers one by one, Motherboard reports.

On Wednesday, someone going by the pseudonym Boceffus Cleetus published a post on Medium, saying that the Shadow Brokers hackers are now selling "NSA tools individually."

"The site also lets visitors download a selection of screenshots and files related to each item," notes Joseph Cox of Motherboard. "Along with those is a file signed with a PGP key with an identical fingerprint to that linked to the original Shadow Brokers dump of exploits from August."

The blog post, titled "Are the Shadow Brokers selling tools on ZeroNet?", lists items supposedly for sale on ZeroNet by the Shadow Brokers, with titles like "ENVOYTOMATO, EGGBASKET, and YELLOWSPIRIT."

ZeroNet is a decentralized Internet-like network for hosting websites using blockchain cryptography as DNS servers and BitTorrent technology as file servers.

Each of the items (NSA hacking tools) on the site is categorized into a type, like "exploits," "Trojans," and "implant," and is priced from 1 to 100 Bitcoins (from $780 to $78,000).

Anyone, including state-sponsored hackers with a nation's funding, could buy all the exploits for around $780,000.

As promised at the Black Hat and Def Con security and hacking conferences, Offensive Security – the creators of the Swiss army knife for researchers, penetration testers, and hackers – has finally released the much-awaited Kali Linux 2016.2.

Kali Linux is an open-source Debian-based Linux distribution that brings together a wide range of tools for penetration testing, forensics, hacking and reverse engineering into a single package for ethical hackers and security professionals.

Earlier the Kali Linux distribution was known as BackTrack.

Kali Linux 2016.2 is an updated Live ISO image of the popular GNU/Linux distribution that includes the latest software versions and enhancements for those who want to deploy the operating system on new systems.

What's new?

Besides bringing the updated Live ISOs of Kali Linux, the Kali Linux team brings multiple variants of the GNU/Linux distribution with various Desktop Environments, specifically KDE, Xfce, MATE, LXDE, and Enlightenment – all available only for 64-bit platforms.

What's even more exciting is that, from Kali Linux 2016.2 onwards, the team promises to release updated Live ISO images of Kali with new software versions and the latest security patches every week.

Since Kali Linux has been the most advanced and widely used distro for penetration testing and forensics, this weekly update comes as exciting news for those involved in various hacking and security-related projects.

It's been several months since the last update to the official Kali Linux Live ISOs, and there are a few hundred new or updated packages pushed to the Kali repositories.

This means that the packages incorporated in the previous Kali Linux ISOs need bug fixes and OS improvements, which are implemented in the most recent versions of the Linux distro.

"Since our last release several months ago, there's a few hundred new or updated packages which have been pushed to the Kali repos," the Kali Linux team's announcement reads. "This means that anyone downloading an ISO even 3 months old has somewhat of a long 'apt-get dist-upgrade' ahead of them."

You can download the latest Kali Linux 2016.2 ISOs from its official website now. The Kali Linux team has also promised to bring a lot of exciting announcements in the next few weeks, so keep an eye on its announcements for the latest updates.

Kali Linux 2.0 offers a redesigned user interface for a streamlined work experience, along with new multi-level menus and tool category options.

Kali Linux 2.0 is now a rolling distribution, which means users will receive tools and core system updates frequently.

Kali Linux 2.0 Features:

Runs on Linux kernel 4.0,

uses the full GNOME 3 desktop instead of gnome-fallback,

improved hardware and wireless driver coverage,

support for a variety of desktop environments,

updated desktop environment and tools,

features new cutting-edge wireless penetration tools,

adds desktop notifications, so that you do not miss anything,

supports Ruby 2.0, which will make Metasploit load much faster,

adds a built-in screencasting tool so that you can record your desktop.

Sadly, the Kali team has removed the Metasploit Community and Pro packages. Instead, it now offers just the open-source Metasploit-framework package pre-installed.

Upgrade to Kali 2.0

Kali Linux users can upgrade their Kali 1.x to Kali 2.0 without reinstalling the whole operating system from scratch. To do this, you will need to edit your sources.list entries, and run a dist-upgrade as shown below.

When we began our journey 5 years back as a Small Local Community of a few Hackers and Researchers, we had the dream of providing the Hacking Community with the World's first Hacking News Platform. We wanted to gift them their own trusted news platform.

A Unique Platform which is run by Hackers and is dedicated to hackers, a platform which is free from Censorship, Conventions, Governments and Borders.

In the last 5 years of our Dedicated service to the Hacking and Security community we have grown into a huge family of more than One Million Google+ Followers, 200 thousand Facebook Fans, and 100 thousand Twitter Followers with Two Million Readers Monthly, and the family keeps growing with new members every day.

In our journey of THN, we have seen the cyber world growing from Defacement to the most Sophisticated cyber crimes of the Decade, i.e. the Stuxnet and Flame malware. We have seen individual hackers joining together and making some of the most admired hacking groups like Syrian Electronic Army, Lulzsec, APT China. We have seen the largest hacking collectives like the Anonymous group.

But we have also seen some of the most celebrated portals being busted by Governments i.e. Liberty Reserve, Megaupload, Silk Road. We have seen the surveillance programs like PRISM by NSA which has threatened our Privacy and Technology. We have seen young hackers giving up their precious lives due to government i.e. Topiary, Barrett Brown, Jeremy Hammond.

Today we are dedicating this anniversary to the courage of Edward Snowden, to the service of Julian Assange of Wikileaks and to the memory of Aaron Swartz.

In between these celebrations, we would like to thank every single Hacker, Researcher, Journalist, Enthusiast who has contributed to our phenomenal growth. We all are obliged to take Security in a Serious way. We promise to serve you with our best.

Passwords are one of the biggest security holes, as every password security study shows. THC-Hydra, a very fast network logon cracker which supports many different services, is now updated to version 7.4.